yelp-search
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
- [Prompt Injection] (LOW): The
scripts/get_reviews.pyscript interpolates user-supplied business names and locations directly into a natural language task for an LLM-driven browser agent. - Ingestion points: CLI arguments 'business' and 'location' in
get_reviews.py. - Boundary markers: None; user data is not delimited within the prompt template.
- Capability inventory: Browser interaction and data extraction via
browser-use. - Sanitization: Inputs are used raw without validation or escaping.
- [External Downloads] (LOW): The skill setup instructions require downloading browser binaries using Playwright (
playwright install chromium), which is a standard procedure for browser automation tools.
Audit Metadata